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REMARKS/ARGUMENTS 

The Final Office Action mailed April 12, 2006 has been carefully considered. 
Reconsideration in view of the following remarks is respectfully requested. 

Claim Status and Amendment to the Claims 
Claims 1-71 are now pending. 

Applicants gratefully acknowledge the indication of allowance of claim 52-71. 
Applicants are further grateful for the indication of allowability of claims 6-8, 12-13, 19-21, 25- 
26, 32-34, and 38-39, subject to their re-writing in independent form including all of the 
limitations of the base claim and any intervening claims. 

Claims 1-2, 4, 6, 9, 12, 14-15, 17, 19, 22, 25, 27-28, 30, 32, 35, 38, 40, 46-47, 52, 57, 60, 
62, 65, 67, and 70 have been amended to further particularly point out and distinctly claim 
subject matter regarded as the invention. The amendment also includes minor changes of a 
clerical nature. 

No "new matter" has been added by the amendment. 

The 35 U.S.C. §102 Rejection 

Claims 1-2, 14-15, and 27-28 stand rejected under 35 U.S.C. §102(a) as being anticipated 
by Jacobson et al. (U.S. Pat. No. 6,044,402), among which claims 1, 14, and 27 are independent 
claims. This rejection is respectfully traversed. 
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"A claim is anticipated only if each and every element as set forth in the claim is found, 
either expressly or inherently described, in a single prior art reference." Verdegaal Bros. v. 
Union Oil Co. of California, 814 F.2d 628, 631, 2 USPQ 2d 1051, 1053 (Fed. Cir. 1987). "The 
identical invention must be shown in as complete detail as is contained in the . . . claim." 
Richardson v. Suzuki Motor Co., 869 F.2d 1226, 1236, 9 USPQ2d 1913, 1920 (Fed. Cir. 1989). 
See also, M.P.E.P. §2131. 

Claim 1, as amended, defines a method for controlling subscriber access in a network 
capable of establishing connections with a plurality of domain sites. The claimed method 
comprises (a) receiving, at an access server coupled to a first communication network and a 
second communication network, a communication from a subscriber on said first communication 
network, said communication optionally including a domain site identifier associated with a 
domain site on said second communication network, and (b) authorizing subscriber access to said 
domain site on said second communication network upon determining, in response to said 
receiving, that said domain site identifier is included in a list of authorized domain sites 
associated with a virtual circuit through which said communication is received, as recited in 
claim 1 as amended ( emphasis added). 

In the Office Action, the Examiner alleges that the elements of the presently claimed 
invention are disclosed in Jacobson. The Examiner specifically equates Jacobson's gateway 106, 
first subnet 102-1, second subnet 102-2, destination address 146 (in a network header 142 of 
each communication packet 114), and network address access list 212 with the claimed access 



26 



Docket No.: CISCO-3096 
(032590-118) 

server, the claimed first communication network, the claimed second communication network, 
the claimed domain site identifier, and the claimed list of authorized domain sites, respectively. 
Furthermore, the Examiner alleges that "domain identifier" is given the broadest and reasonable 
interpretation in light of the specification, and that domains are defined by the IP address and all 
devices sharing a common part of the IP address are said to be in the same domain." In addition, 
in response to the Applicant's arguments, the Examiner alleges that the recitation of "a virtual 
circuit used to receive said communication" is an intended use and thus not patentably 
distinguishable. The Applicant respectfully disagrees for the reasons set forth below. 

First, claim 1 does not recite an intended use of the virtual circuit because, in the 
authorizing process, the communication is received actually using the virtual circuit, as is well 
understood from the claim language. Also, claim 1 has been amended to recite "the list of 
authorized domain sites associated with a virtual circuit through which said communication is 
received" for further clarification. 

With respect to the Examiner's allegation regarding "domain identifier," (the Final Office 
Action, page 7, section 20, point (A)), the claimed terms "domain" and "domain identifier" have 
been amended to "domain site" and "domain site identifier," respectively, based on the 
description on page 5, lines 16-23, page 6, lines 21-22, page 7, line 21 through page 8, line 6, 
page 17, lines 21-22, and page 18, lines 16-21. The claimed term "domain site" is, for example, 
a privately owned secure network or publicly owned network which may include a number of 
devices and terminals having corresponding individual IP addresses. The claimed "domain site 
identifier" identifies such a domain site (i.e., such a private/public network) as a whole, not 
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individual devices and terminals therein. Accordingly, although the claim language "domain site 
identifier" may be given a reasonably broadest interpretation in the light of the specification, such 
a reasonably broadest interpretation of "domain site identifier" does not encompass individual IP 
addresses. Therefore, contrary to the Examiner's allegation, Jacobson's alleged network access 
list of IP addresses does not teach or suggest the claimed list of domain site identifiers, as recited 
in claim 1 . 

Furthermore, in Jacobson, the blocking controller 170 initially determines a blocking 
mode for a protected host computer 104-1 using the blocking mode table 200 (column 16, lines 
21-24 thereof). The connection from/to the protected host computer 104-1 is blocked if the 
source or destination network address is found in the network address block list 202 (column 17, 
lines 63-67 of Jacobson), allowed if the blocking mode for the host computer 104-1 is the open 
mode (column 18, lines 54-57 of Jacobson), and blocked if the blocking mode for the host 
computer 104-1 is the shutdown mode (column 18, lines 57-59 of Jacobson). Only when the 
blocking mode for the protected host computer 104-1 is the restricted mode (column 18, lines 42- 
47 of Jacobson), the network address access list 212 (the alleged list of authorized domain sites) 
is looked up in order to determine if another host computer's network address is in the network 
address access list 212 (column 18, lines 48-53 of Jacobson). Thus, the network address access 
list 212 may be associated with a restriction mode and/or the protected host computer for which 
the network address access list 212 used, there is no association between the network address 
access list 212 of Jacobson and a virtual circuit through which the communication (i.e., the 
communication packet 114) is received. 
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It should be noted that Jacobson' s connection blocking process which uses the network 
address access list 212 (and other tables and lists 200, 202, 204, 206, 208, and 210) is based on a 
connection information set obtained from each communication packet 114 (column 16, lines 21- 
24 thereof). Jacobson only teaches using the source and destination network addresses 144 and 
146, and the source and destination service access addresses 124 and 126 in the connection 
information set (column 16, line 18 through column 17, line 59 thereof). The packet 114 may 
also include the source and destination physical addresses 152 and 154 (column 19, lines 10-11 
of Jacobson). However, as is well known to those of ordinary skill in the art, a virtual circuit is 
an end-to-end link or path over a packet switched network, and thus cannot be specified or 
identified by the source and destination addresses of a packet (in any layer) because there are 
many possible links or paths from the source to the destination. 

Accordingly, Jacobson fails to teach or suggest associating the network address access list 
212 (the alleged list of authorized domain sites) with a virtual circuit, or otherwise identifying a 
virtual circuit through which the communication (packet) is received, as recited in claim 1 . 

Claims 14 and 27 also include substantially the same distinctive features as claim 1. 
Accordingly, it is respectfully requested that the rejection of claims based on Jacobson be 
withdrawn. 

In view of the foregoing, it is respectfully asserted that the claims are now in condition 
for allowance. 
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The 35 U.S.C. §103 Rejection 

Claims 3-5, 9-11, 16-18, 22-24, 29-31, 35-37, and 40-51 stand rejected under 35 U.S.C. 
§ 103(a) as being unpatentable over Jacobson, in view of Loehndorf, Jr. et al. (U.S. Pat. No. 
6,094,437), among which claims 40 and 46 are independent claims. This rejection is respectfully 
traversed. 

According to M.P.E.P. §2143, 

To establish a prima facie case of obviousness, three basic criteria must be met. First 
there must be some suggestion or motivation, either in the references themselves or in the 
knowledge generally available to one of ordinary skill in the art, to modify the reference 
or to combine reference teachings. Second, there must be a reasonable expectation of 
success. Finally, the prior art reference (or references when combined) must teach or 
suggest all the claim limitations. The teaching or suggestion to make the claimed 
combination and the reasonable expectation of success must both be found in the prior 
art, not in the applicant's disclosure. 

Furthermore, the mere fact that references can be combined or modified does not render 
the resultant combination obvious unless the prior art also suggests the desirability of the 
combination. In re Mills, 916 F.2d 680, 16 USPQ2d 1430 (Fed. Cir. 1990). 

In the Office Action, the Examiner specifically contends that the elements of the presently 
claimed invention are disclosed in Jacobson, except that Jacobson does not teach that the 
communication comprises a PPP session, which in turn comprises a tunneling session, and that 
the PPP session is forwarded onto a tunnel with assigned tunnel ID when the subscriber is 
authorized. The Examiner further contends that Loehndorf teaches the missing features and that 
it would be obvious to one having ordinary skill in the art at the time of the invention to 
incorporate Loehndorf into Jacobson in order to securely send data between networks and to 
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provide needed and improved functionality. The Applicants respectfully disagree for the reasons 
set forth below. 

With respect to dependent claims of claim 1,14, and 27, Jacobson, the primary reference, 
fails to teach the claimed "list of authorized domain sites associated with a virtual circuit through 
which the communication is received" ( emphasis added) recited in the independent claims, as 
discussed above. Since Loehndorf only teaches the conventional layer two tunneling protocol, 
any combination of Jacobson and Loehndorf also fails to teach the claimed list of authorized 
domain sites associated with a virtual circuit. Accordingly, it is respectfully submitted that 
dependent claims 3-5, 9-11, 16-18, 22-24, 29-31, and 35-37 are patentable at least for the same 
reasons. 

Claim 40 defines an access server capable of allowing subscribers of a communications 
system to gain exclusive access to a domain site associated with a virtual circuit. The claimed 
access server comprises (a) an authorized domain list request generator capable of generating an 
authorized domain list request including a virtual circuit identifier associated with a virtual 
circuit through which a PPP session authentication request is accepted , said PPP session 
authentication request including a domain site identifier, (b) an assessor capable of determining 
whether said domain site identifier is in an authorized domain list associated with said virtual 
circuit ; a tunnel TD request generator capable of generating a tunnel ID request including said 
domain site identifier, and (c) an authorizer capable of granting users access to said domain site 
based upon said authorized domain list, as recited in claim 40, as amended ( emphasis added). 
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As discussed above, Jacobson fails to teach or suggest the network address access list 212 
(the alleged list of authorized domain sites) associated with a virtual circuit through which the 
communication (packet or request) is received or accepted, or identifying such a virtual circuit. 

Thus, Jacobson, whether considered alone or combined with or modified by Loehndorf, 
does not teach or suggest the claimed invention as recited in claim 40. Claim 46 also include 
substantially the same distinctive feature as claim 40. 

Accordingly, it is respectfully requested that the rejection of claims based on Jacobson 
and Loehndorf be withdrawn. In view of the foregoing, it is respectfully asserted that the claims 
are now in condition for allowance. 

Other Dependent Claims 

Claims 41-44 depend from claim 40, and claims 47-50 depend from claim 46, and thus 
include the limitations of claims 40 and 46, respectively. The argument set forth above is equally 
applicable here. The base claims being allowable, the dependent claims must also be allowable 
at least for the same reasons. 

In view of the foregoing, it is respectfully asserted that the claims are now in condition 
for allowance. 
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Conclusion 



It is believed that this Amendment places the above-identified patent application into 
condition for allowance. Early favorable consideration of this Amendment is earnestly solicited. 

If, in the opinion of the Examiner, an interview would expedite the prosecution of this 
application, the Examiner is invited to call the undersigned attorney at the number indicated 



The Commissioner is hereby authorized to charge any fees which may be required, or 
credit any overpayment, to Deposit Account Number 50-1698. 



Thelen Reid & Priest LLP 
P.O. Box 640640 
San Jose, CA 95164-0640 
Tel. (408) 292-5800 
Fax. (408) 287-8040 



below. 



Respectfully submitted, 
THELEN REID & PRIEST, LLP 





Masako Ando 

Ltd. Rec. No. LOO 16 
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